3f4efedd23
Polish gh-11367
2022-07-26 15:33:34 -05:00
8f93a7fc94
Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.
- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-07-26 15:33:33 -05:00
aaf20e7b61
Build only on branches
...
Issue gh-11480
2022-07-18 11:47:25 -05:00
148756076c
Backport release automation and github actions
...
Closes gh-11501
2022-07-13 15:51:25 -05:00
92d4f1237d
Use JDK 17 for Antora
...
Issue gh-11430
Issue gh-11324
2022-07-13 14:11:31 -05:00
095f23d81f
Fix slack notifications in #spring-security-ci
...
Issue gh-11346
2022-07-05 17:50:27 -05:00
c4a55b90e3
Antora generate workflow use JDK 17
...
Closes gh-11430
2022-06-22 15:21:29 -03:00
ac98e358a5
Add slack announcement when release is successful
...
Closes gh-11307
2022-06-14 14:10:09 -05:00
d1cb236df5
Fix slack notifications in #spring-security-ci
...
This change can be reverted if upgrading to a new version of
Gamesight/slack-workflow-status with the fix available (> 1.1.0).
Closes gh-11346
2022-06-07 16:07:10 -05:00
592db9180d
Enable BackportBot on 5.6.x
2022-06-06 14:16:28 -05:00
07f28de79b
Polish gh-11184
...
Propagate rename in notify_result section.
2022-06-03 15:23:48 -05:00
46723a601c
Add workflow step for scheduling the next milestone
...
This step introduces the concept of a release train to determine the appropriate release dates and schedules milestones as needed. It uses the following rules:
- If the current SNAPSHOT version is a minor release (patchVersion == 0), checks to see if a GA release exists. If not, a release train is scheduled as follows:
- Finds the next available release train starting month (including this month), either January or July.
- Schedules a release train with M1, M2, M3, RC1 and GA versions on either January/February/March/April/May or July/August/September/October/November
- If the current SNAPSHOT version is a patch release (patchVersion != 0), checks to see if a GA release exists. If not, an individual milestone is scheduled on the next even month whose release day is in the future (can include this month).
- In either case, the release day used to schedule the release is based on the configured weekOfMonth (1-4) and dayOfWeek (1-5), e.g. 3rd Monday of the month (3, 1).
If a milestone already exists, nothing is created. Once created, milestone due dates can be updated manually as desired.
Closes gh-10458
2022-06-03 15:07:42 -05:00
ad19fc1330
Add workflow for scheduling releases on maintenance branches
...
Closes gh-11180
2022-06-03 10:19:02 -05:00
96caecc639
Disable pull request for backport-bot.yml
2022-06-02 11:00:46 -05:00
a10f707b6e
Fix spacing in backport-bot.yml
2022-06-01 16:46:54 -05:00
1d4bf88a0f
Cleanup backport-bot.yml
...
Issue gh-11313
2022-06-01 16:45:50 -05:00
b78a28be5f
Add backport-bot.yml
...
Closes gh-11313
2022-05-31 21:42:56 -05:00
8e34b4c15e
Fix step id in conditional checks
2022-05-16 14:22:36 -05:00
8f4d003602
Revert "Add expression syntax to conditionals"
...
This reverts commit ea0b271a73
2022-05-16 14:21:49 -05:00
ea0b271a73
Add expression syntax to conditionals
...
Issue gh-11158
2022-05-16 12:39:55 -05:00
d07c5e0804
Add quotes to boolean conditional checks
...
Issue gh-11158
2022-05-16 12:25:24 -05:00
0c94cfca63
Fix conditional using env namespace at job level
...
Issue gh-11158
2022-05-16 12:13:25 -05:00
44e672d969
Use properties in the checkSamples job
...
Issue gh-10344
2022-05-11 16:13:34 -03:00
0137f94f3b
Use properties in the checkSamples job
...
Issue gh-10344
2022-05-11 12:32:16 -03:00
e4f5d2c6ef
Fix release-next-version.yml
...
- Improve speed by using single job and multiple steps
- Check output of tasks rather than rely on status codes to fail
Issue gh-11158
2022-04-27 19:07:36 +02:00
eba091bad5
Push tag in release workflow
...
Issue gh-11023
2022-04-26 10:10:27 +02:00
8914f06eca
Use non-default access token in release pipeline
...
This ensures that subsequent workflows are triggered
Closes gh-11022
2022-04-26 09:54:40 +02:00
9601efd341
Add gradle-build-action to GitHub Actions pipelines
...
Closes gh-11099
2022-04-14 15:05:46 -05:00
0e7dec2d2c
Tag release after updating gradle.properties
...
Closes gh-11023
2022-03-29 13:44:22 +02:00
992b8c38ac
Update antora on next development version release
...
Move commit from gradle task to workflow. Update antora.yml after project version update and before commit.
Closes gh-11021
2022-03-29 12:28:37 +02:00
4a25264404
Stage changes before committing in release pipeline
...
Issue gh-11020
2022-03-29 12:28:05 +02:00
55c956ee68
Add task to update version in antora.yml
...
This task updates the docs version based on the version in gradle.properties
Closes gh-11020
2022-03-28 18:11:20 +02:00
155fe11815
Update release pipeline scheduled time to 5pm UTC
...
Issue gh-10455
2022-03-18 13:43:37 -05:00
43142a8137
Update CI pipeline to push next snapshot version after release
...
Issue gh-10461
2022-03-18 13:43:37 -05:00
d7ac254b3d
Do not run CI on tags
...
Issue gh-10457
2022-03-16 11:47:14 -05:00
5f37ee2f64
Add missing output and checkout
...
Issue gh-10928
2022-03-09 10:47:48 -06:00
aa0005b1e1
Update CI process to create GitHub releases with release notes
...
Closes gh-10928
2022-03-08 17:41:57 -06:00
8c95ed6568
Update release pipeline to push next milestone
...
- Check that all associated issues are closed
- Update gradle.properties and push change
Issue gh-10451
2022-03-01 16:10:25 +01:00
eb31913b2b
Rearrange env variables in release pipeline
...
Issue gh-10451
2022-03-01 15:37:25 +01:00
e472cc1cc8
Update release time to 1pm UTC
...
Issue gh-10451
2022-03-01 15:37:05 +01:00
c7f3ad89f3
Re-enable check samples CI task
...
Issue gh-10832
This reverts commit 85de423756
2022-02-14 13:04:32 +01:00
85de423756
Temporarily disable check samples CI task
...
Issue gh-10832
2022-02-14 12:53:48 +01:00
d225d46749
Automated release should not trigger on git push
...
Issue gh-10451
2022-02-03 10:28:31 +01:00
1a1ef42094
Add workflow that triggers release on due date
...
Add 2 Gradle tasks, one that calculates the next release milestone based on the current version and one that checks if it is due today.
Issue gh-10451
Issue gh-10455
2022-02-03 10:11:46 +01:00
8eeacf4a36
Fix Antora for Milestone & RC
...
- Verify Antora display_version
- Run workflow for tags
- Allow run workflow manually
Issue gh-10765
2022-01-18 14:20:47 -06:00
b96a2ae5a6
Generate Antora workflow_dispatch
...
Issue gh-10765
2022-01-18 12:56:29 -06:00
2c38bfe59c
Generate Antora for tags
...
Issue gh-10765
2022-01-18 12:56:06 -06:00
4f88bb8e5f
Antora Playbook
2021-11-11 13:37:08 -06:00
127e10e607
Antora Playbook
2021-11-11 13:34:54 -06:00
e5ff13901e
Switch workflows to use a JDK17 baseline
...
Closes gh-10353
2021-11-01 09:02:42 -03:00
d779cd1d48
Support Structure101 License ID
...
Closes gh-10443
2021-10-28 13:26:02 -06:00
cb6ca7f470
GitHub Actions uses spring-builds+github user
...
This is more clear than spring-builds user
2021-10-26 11:25:42 -06:00
efb9fcfb66
Use repository_name too
2021-10-25 15:05:06 -05:00
cb6e64fc97
Extract Branch Name
2021-10-25 14:56:53 -05:00
e5747fe860
Use env.GENERATED_BRANCH_NAME
2021-10-25 14:21:55 -05:00
0d4959d514
Use GENERATED_BRANCH_NAME
2021-10-25 14:15:19 -05:00
ce58a868c9
Use branch name instead of entire ref
2021-10-25 14:10:00 -05:00
132723bc8c
Use repository + ref for generated docs
2021-10-25 14:04:02 -05:00
1f5ebdda97
Use github.repository
2021-10-25 13:14:04 -05:00
e87775bb1a
GITHUB_REPOSITORY instead of env.GITHUB_REPOSITORY
2021-10-25 13:12:38 -05:00
8cb36c24ba
Generated docs use env
2021-10-25 13:09:06 -05:00
0f4b77a52f
Use https://spring.io/security-policy
2021-10-20 09:15:29 -05:00
cff0bde1a3
GitHub Actions uses spring-builds+github user
...
This is more clear than spring-builds user
2021-09-28 15:09:03 -05:00
770c57ecc9
Add Structure101 to CI Build
...
Closes gh-6236
2021-09-27 16:23:19 -06:00
b57caf22af
Use GH_ACTIONS_REPO_TOKEN
2021-09-27 13:29:29 -05:00
e4ce7249cc
Generate antora.yml and push to spring-security-docs-generated
2021-09-23 15:50:14 -05:00
59e7a10732
Add dispatch
2021-09-23 15:45:22 -05:00
d0fbe6b501
Update CI deployments to be dependent on Check Samples
...
Closes gh-10207
2021-08-19 10:13:38 -03:00
be91a78781
Update Check Samples job to run in parallel
...
Issue gh-9846
2021-08-17 11:15:10 -03:00
71f1cf1e0b
Remove Remaining Sonar Reference
...
Issue gh-10205
2021-08-16 14:45:33 -05:00
829733896c
Remove unused Sonar from Build
...
Closes gh-10205
2021-08-16 14:42:38 -05:00
c562d56ff4
Add checkSamples task
...
Closes gh-9846
2021-07-27 14:11:51 -03:00
e98b6c617b
Add Name for Check Milestone
...
Issue gh-9989
2021-06-22 14:04:37 -05:00
3656e08b49
Notify if Milestone Invalid
...
Issue gh-9989
2021-06-22 13:54:18 -05:00
1545ccb406
Add milestone-spring-releasetrain.yml
...
Check if milestones are part of the release train
Closes gh-9989
2021-06-22 13:49:54 -05:00
98326dfae4
Use stack-workflow-status Action
...
Closes gh-9792
2021-06-15 13:41:11 -06:00
2d61fda1af
Combine multiple OS builds into one
...
Closes gh-9790
2021-05-25 10:40:28 -06:00
fa7ba5e3db
Update Env Variables in Build Windows Job
...
Closes gh-9761
2021-05-25 10:40:28 -06:00
f7f435d3f4
Include all configured branches in CI
...
Closes gh-9775
2021-05-18 15:57:40 -06:00
081e3301ad
Use GPG_PRIVATE_KEY directly
...
Closes gh-9776
2021-05-18 16:44:29 -05:00
03924951a2
Update GitHub Actions to use publishArtifacts
2021-05-17 23:40:43 -05:00
8ace670479
Configure user name for Gradle CI builds
...
Closes gh-9747
2021-05-17 11:07:35 +02:00
85fb9c09a5
Update Check Windows CI Workflow
...
- Add slack integration for error reporting
- Rename from check_windows to build_windows
- Change the build command to match the one in build_jdk_11
- Add build_windows to the needs of deployment and failure check jobs
Issue gh-9727
2021-05-14 15:07:38 -06:00
d3f5521cbf
Add New Job to Verify Windows Build on CI Workflow
...
Issue gh-9727
2021-05-12 14:47:52 -06:00
441b9f8187
Adjust Needs Output
...
- There is no need to emit the value of RUN_JOBS to the rest of the
workflow. As a boolean, it is sufficient to ask whether or not the
corresponding output is present at all
- Prerequisites is apparently easy to misspell
Issue gh-9701
2021-05-11 17:07:32 -06:00
a493660cdb
Stop CI Jobs on Forks
...
Closes gh-9701
2021-05-07 13:40:19 -06:00
006b9b9607
master->main
...
Closes gh-9683
2021-04-26 16:55:43 -05:00
6e0d9e679e
Remove test_alternative_jdks
...
JDK 12 is no longer supported and JDK 16 requires Gradle 7 which has
not been released yet.
2021-04-05 12:30:55 -05:00
dd3b90379b
Change to GPG_PRIVATE_KEY_NO_HEADER
...
Closes gh-9531
2021-03-30 12:55:00 -06:00
f9c4dbae61
Update Git Workflows to Use JDK 11
...
Closes gh-9417
2021-02-17 11:53:51 -07:00
793781fb67
Add manual trigger to CI workflow
...
Closes gh-9360
2021-01-21 14:02:54 +01:00
ef3b4d49d9
Add artifactoryUsername/Password to other workflow steps
...
Added artifactoryUsername/Password to other CI workflow steps to ensure
all steps will pass if a new dependency is added.
2020-11-16 13:11:07 -06:00
47bb9b945c
Add artifactoryUsername/Password to download new dependencies
2020-11-16 13:02:11 -06:00
649443f67e
Build GitHub Actions CI pipeline
2020-11-10 10:25:16 -05:00
d69032a68d
Prevent PR builds from running on forks
2020-10-26 11:07:25 -05:00
7ef3f61924
Add build scans to PR builds
2020-09-30 10:20:12 -04:00
7319e81701
Change pipeline to run for all base branches
...
Issue gh-8680
2020-06-17 16:05:41 -05:00
e213e6430a
Create Github Actions pipeline for PR build workflow
2020-06-11 11:07:34 -07:00
b1c8affec0
Update issue templates
...
Remove old templates
2020-04-16 16:05:40 -05:00
5eb7134ee0
Update issue templates
...
Improve descriptions
2020-04-16 16:03:57 -05:00
27b711a0a9
Add `status: waiting-for-triage` to issue templates
2020-04-16 16:02:26 -05:00
71fcd5835b
Remove legacy issue template
...
Issue gh-8395
2020-04-15 16:36:08 -05:00
62fa697863
Add GitHub Issue Templates
...
Closes gh-8395
2020-04-15 16:12:45 -05:00
59dcc36dd1
Use https link to Stack Overflow
2019-06-19 12:44:43 -05:00
df14e18299
Add links to Stack Overflow Reply Template
2019-06-19 11:27:57 -05:00
9f52e9b5ce
Update to align with Spring Boot's Stack Overflow
2019-06-19 11:27:10 -05:00
ead28a3cee
Add create issue for features
2019-05-07 13:34:08 -05:00
21a0e45622
Update ISSUE_REPLY_TEMPLATES
2019-04-05 09:17:42 -04:00
4e9c37b1ae
Manual URL Cleanup
2019-03-29 13:24:11 -04:00
575d943f1a
Add GitHub Issue reply templates
2019-01-09 14:45:08 -05:00
e4255c9793
Add Security Vulnerabilities
2018-03-20 22:42:46 -05:00
332c395875
Add Security Vulnerabilities Location
2018-03-20 22:42:15 -05:00
e7fd6f6c3f
Remove the CLA confirmation from template
...
We now use the new CLA tooling which automates this
2016-06-13 13:20:22 -05:00
e9cb92bb74
Add GitHub Pull Request template
...
Added a Pull Request template for GitHub
2016-04-12 16:08:16 -05:00
4fd9fd2939
Update ISSUE_TEMPLATE.md
2016-04-08 09:30:50 -05:00
5bba6c9111
Create ISSUE_TEMPLATE.md
2016-04-08 09:29:44 -05:00
Steve Riesenberg
naveen
Marcus Da Coregio
Rob Winch
Eleftheria Stein
Josh Cummings
Eleftheria Stein
Ellie Bahadori
Joe Grandja
Vedran Pavić